Following the recent airport cybersecurity incidents in Europe, stakeholders have issued a call to action. This is in the context of Collins Aerospace saying on 24th September 2025 that it was still working with the affected airports, including Brussels and London Heathrow (Europe’s busiest airport). While some level of disruption continues, the firm is in the final stages of completing updates to help restore full functionality.
The cyberattack on Collins Aerospace’s Muse software caused widespread check-in and boarding disruptions at major European airports including Heathrow, Berlin and Brussels.
RTX, which owns software provider Collins Aerospace, said it has identified its Muse software – which allows different airlines to use the same check-in desks and boarding gates at an airport, rather than requiring their own – as the system that had been affected.
The incident, reported by the BBC, is the latest in a series of high-profile cyber events this month – including a major attack on Jaguar Land Rover’s IT systems – highlighting how dependent organisations are on third-party vendors and supply chains, and how quickly operational, financial, and reputational impacts can escalate.
The UK government’s independent reviewer of terrorism legislation, Jonathan Hall KC, said it was possible state-sponsored hackers could be behind the attack, including the possibility of Russia.
Commenting on the incident, Dominic Ryles, Sales & Alliance Director, Exertis Cybersecurity, tells Digital Journal: “What happened this weekend is exactly the kind of systemic vulnerability we warn about – when a trusted third-party or vendor is attacked, the ripple effects can be huge.”
This arises due to inherent weaknesses, Ryles explains: “For many organisations, the infrastructure they rely on isn’t fully under their control. That means a weakness somewhere in your supply chain or a vendor’s software can be just as dangerous as a breach inside your own network.”
Instead, a different tangent is needed. Ryles recommends approaches intended to “help companies build resilience across all fronts: vendor risk assessments, continuous monitoring, incident response planning, and ensuring strong backup and recovery processes are in place. Because when things go wrong, every minute of downtime costs more than just money — it damages trust.”
- Vendor & Supply Chain Risk Management: Auditing and continuously monitoring third-party systems to ensure they meet robust security standards.
- Layered Defence & Real-Time Detection: Deployment of perimeter defences, endpoint protection, and continuous threat monitoring via Exertis’ Security Operations Centre.
- Incident Response & Disaster Recovery: Enabling rapid response and minimising downtime through tested recovery plans and resilient infrastructures.
- MSP Enablement: Empowering Managed Service Providers with scalable cybersecurity solutions to protect their customer base.
Ryles notes that these capabilities are designed to ensure business continuity in an environment where no organisation is immune from attack.
